ITS translations: security problem?

sean fagan aeusesef at csuna.UUCP
Sun Feb 7 11:15:24 AEST 1988


>In article <9690 at tekecs.TEK.COM> andrew at frip.gwd.tek.com (Andrew Klossner) writes:
>	  So you add s|^/bin/rm$|/user/me/bin/rm| to your
>	translation list."

Well, our Elxsi (running EMBOS) has this feature, and, after seeing this, I
decided to try it.  I tried making my own copy of the password file (it's
unreadable by mere peons [and most of the support personel, grumble], so I
had to guess about the format from the documentation).  I then did an
'equate' (the translation scheme), telling it that '/systemfiles/groups'
should be accessed as '/user/1.fagan/mygroups'.  It seemed to work, when I
did a copy or anything like that, so I then tried a 'changeid' (su), but it
didn't allow it.  Sigh.  I would assume from my experiment that either I
screwed up the password format (probably), or there is a way of bypassing
the 'file equates' (also probably).  I thought of a few nice twists I could
do to test it, so all hope is not yet lost 8-).

 -----

 Sean Eric Fagan          Office of Computing/Communications Resources
 (213) 852 5742           Suite 2600
 1GTLSEF at CALSTATE.BITNET  5670 Wilshire Boulevard
                          Los Angeles, CA 90036
{litvax, rdlvax, psivax, hplabs, ihnp4}!csun!csuna!aeusesef



More information about the Comp.unix.wizards mailing list